SOC L2

Capgemini

  • Málaga
  • Permanent
  • Full-time
  • 1 month ago
Who are we?

Capgemini is a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. The Group is guided every day by its purpose of unleashing human energy through technology for an inclusive and sustainable future. It is a responsible and diverse organization of 300,000 team members in nearly 50 countries. With its strong 50-year heritage and deep industry expertise, Capgemini is trusted by its clients to address the entire breadth of their business needs, from strategy and design to operations, fueled by the fast-evolving and innovative world of cloud, data, AI, connectivity, software, digital engineering and platforms.

We are looking to hire SOC Analyst L2 profiles to join our team within the CIS Business Unit.

The Level 2 (L2) Security Analyst manages complex incidents, conducts advanced threat analysis, and coordinates responses. They enhance security tools, guide Tier 1 Analysts, and proactively defend against advanced threats, fortifying client defenses and preserving critical infrastructure and reputation.

Key responsibilities:
  • Advanced Analysis: Perform deeper and more detailed analysis of incidents, evaluating sophistication and potential impact compared to level 1
  • Specialized Escalation: Handle incidents of greater complexity, escalating to higher levels and coordinating with specialized teams when necessary
  • Forensic Investigation: Conduct forensic investigations to determine the root cause of incidents and collect evidence for possible legal action
  • Signature and Rule Development: Create and update signatures, rules, and behavioral profiles in detection tools to improve accuracy and effectiveness
  • Technical Advice: Provide technical advice to level 1 analysts, helping in the understanding and resolution of more complex incidents
  • Tool Optimization: Collaborate in the improvement and optimization of security tools, proposing adjustments and updates to keep up with threats
  • Critical Incident Management: Coordinate the response to critical incidents, ensuring efficient execution of mitigation and recovery plans
  • Review of Security Policies: Evaluate and update security policies and procedures, ensuring their alignment with best practices and regulations
  • Staff Training: Provide ongoing training to Tier 1 staff and other teams on new cybersecurity threats, tactics, and techniques
  • Threat Intelligence Analysis: Integrate threat intelligence to improve the ability to detect and respond early to possible attacks
  • Coordination with Internal Teams: Collaborate closely with internal teams, such as the risk management and compliance team, to address specific security aspects
  • Development of Executive Reports: Prepare detailed executive reports on incidents, providing clear and concise information for decision making
  • Continuous Process Improvement: Identify opportunities for improvement in incident response processes and contribute to their continuous evolution
  • Vulnerability Analysis: Carry out vulnerability assessments to identify possible points of exposure and collaborate in their mitigation
  • Participating in Advanced Drill Exercises: Engage in more advanced cybersecurity drills to test responsiveness and improve team readiness.
Required Skills:
  • Strong analytical and problem-solving skills
  • Excellent written and verbal communication skills
  • Knowledge of security best practices and concepts
  • High ability to multi-task, prioritize, coordinate, work well under pressure and meet deadlines
  • High-level understanding of TCP/IP protocol to detect and understand malicious traffic
  • Experience in SIEM operation & tooling (IBM QRadar, Splunk, Microsoft Sentinel, Chronicle)
  • Experience in EDR operation & tooling (MS Defender, Symantec, CrowdStrike Falcon, among others)
  • Experience in Network components operation or general knowledge
  • Experience in incident, problem management, and/or change management
  • Knowledge of Operating Systems, Basic Scripting Skills
  • Ability to communicate in writing and verbally in both Spanish and English
Secondary skills (nice to have):
  • Bachelor's degree in Cybersecurity, Networking, Information or a related field is not mandatory but is welcome
  • Relevant industry certifications are not mandatory but are welcome:
      • AZ-500, SC-100, SC-200
      • CISSP, GCIA, GCIH, ECIH, CySA, CISA
      • CompTIA Security+
      • CompTIA Network+
Why you should join us:
  • You will find a dynamic and inclusive work environment
  • Participate in cutting-edge and innovative technological projects.
  • Career plan and specialized training courses.
  • Competitive salary according to candidate’s profile
  • Restaurant tickets
  • Childcare checks
  • Medical and life insurance
  • Become part of a responsible company committed to equal opportunities.
  • An excellent work environment and team with whom to work side by side.
  • Regular team and global events
  • Steady job, you'll get a permanent contract from the first day onwards.
  • Hybrid working model
DIVERSITY & INCLUSION AT CAPGEMINI

At Capgemini, we are committed to diversity and inclusion. Diversity is a source of innovation and inspiration. We are committed to professionals, regardless of ethnicity, gender identity, disability, sexual orientation or any other dimension of diversity.

It's time! Come join us, and be part of our growing family.
